Commit 543be5ee authored by Zohten's avatar Zohten

banned account gestion

parent c337abc3
...@@ -25,6 +25,12 @@ class LoginController extends Controller ...@@ -25,6 +25,12 @@ class LoginController extends Controller
} }
$user = User::tryLogin($json['login']); $user = User::tryLogin($json['login']);
if ($user->isBanned()==1){
$message = json_encode(["message" => "Your account is banned!"]);
return Response::unauthorizedResponse($message);
}
if (empty($user) || !hash_equals($json['pwd'], $user->password())) { if (empty($user) || !hash_equals($json['pwd'], $user->password())) {
$r = new Response(422, "wrong credentials"); $r = new Response(422, "wrong credentials");
$r->send(); $r->send();
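Review bot: The added `$user->isBanned()==1` check runs before the existing `empty($user)` guard, so a login that matches no account would call a method on an empty value and end in a fatal error instead of the 422 "wrong credentials" path. The model code shown further down this page returns `$stm->fetch()`, which presumably yields `false` when no row matches. Running the ban check ahead of the password comparison also returns "Your account is banned!" to anyone who submits a known login without valid credentials, which confirms that the login exists and discloses its state. Moving the four added lines below the credential check fixes both points; at minimum the condition should be guarded as `if (!empty($user) && $user->isBanned() == 1) {`. The enclosing controller method starts and ends outside the hunk, so the exact placement needs to be confirmed against the full file.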
......
...@@ -40,6 +40,7 @@ class User extends Model ...@@ -40,6 +40,7 @@ class User extends Model
$stm = parent::exec('USER_GET_WITH_LOGIN', ['login' => $login]); $stm = parent::exec('USER_GET_WITH_LOGIN', ['login' => $login]);
return $stm->fetch(); return $stm->fetch();
} }
public function id() public function id()
{ {
return trim($this->ID_USER); return trim($this->ID_USER);
......
...@@ -12,6 +12,14 @@ POST http://localhost/index.php/login ...@@ -12,6 +12,14 @@ POST http://localhost/index.php/login
"pwd": "hasheddupontpwd" "pwd": "hasheddupontpwd"
} }
### Tenter de récupérer un token utilisateur bloqué
POST http://localhost/index.php/login
{
"login": "kevinlekikou",
"pwd": "hashedkevinlekikoupwd"
}
### Récupérer un token admin ### Récupérer un token admin
POST http://localhost/index.php/login POST http://localhost/index.php/login
......